How can we enable Auth0 SSO in Discourse

wordpress
sso

(UserXtreamz) #1

I have one new wordpress installation with PrimeTime WordPress + Discourse SSO
plugin for dicourse and wordpress integration and also i am using

Wordpress Auth0 plugin for auth0 integration.

The discourse integration and Auth0 integration Successfully done in
wordpress.
But when i logged in wordpress through the Auth0 i need to automatically
login in discourse also (Single sign on). How can we make the single
sign on in wordpress and discourse. Please suggest the better options…


(Asana) #2

Hi, did you get a solution to your problem? I am also looking to achieve the same thing.


(Trent) #3

I also am looking into this. Anyone got a solution.


(Blake Erickson) #4

Have you tried to use the Auth0 SSO plugin?

You could also try using the Discourse Basic Auth plugin and follow this guide to setup Auth0. It’s not SSO, but if you use the same auth0 clientid as your wordpress site they shouldn’t have to create a new username/password since they already exist in auth0.

I’m not really sure but you might be able to get away with using the wp-discourse plugin and setting up SSO to wordpress, but I’m guessing this might not work because Auth0 is the identity provider not wordpress.


(Simon Cossar) #5

I’ve looked at this recently with SAML authentication. With the way the plugin is currently setup, it won’t work for SSO login requests that are made from Discourse. What needs to happen for it to work is for the Discourse SSO parameters to be passed to the Identity Provider, and then passed back to WordPress.

It looks like this could be done with Auth0 by sending the Discourse SSO parameters in the RelayState query string. I’m going to add an action to the plugin that can be hooked into for doing things like this.

For now the easiest approach is to use Auth0 to log users in separately to both Discourse and WordPress.


(Simon Cossar) #6

I’ve tried this with WP Discourse and the Auth0 WordPress plugin. It seems to work correctly both with an Auth0 username/password and with Google authentication. Auth0 is preserving the Discourse SSO redirect parameter over the login request.